The DOD announced this week ambitious plans to catch up, growing the unit five-fold to around 4,900 troops. The plan was first formulated by senior Pentagon officials late last year and is in the final stages of confirmation.

Under the plan, Cyber Command will be split into three distinct subunits, each with a distinct purpose. "National mission forces" will protect critical infrastructure like power and water grids from infiltration or attacks; "combat mission forces" will communicate with overseas officers and coordinate cyberattacks (like Stuxnet); and "cyber protection forces" will be tasked with entrenching the Pentagon's networks against both foreign and domestic threats.

Sources indicate that the "national mission" teams will only take action on U.S. networks if a sister agency, such as the Federal Bureau of Investigation (FBI), requests it. While that may not lay to rest citizen fears of domestic spying or policing, it does suggest -- at least officially -- a limited domestic role for the expanding unit.

An unnamed official toldTheWashington Post, "There’s no intent to have the military crawl inside industry or private networks and provide that type of security. [Action would only be taken in cases where the adversary could] really hurt. We’re not talking about doing something to make sure that Mrs. Smith’s bank account didn’t get hijacked by somebody."

The U.S. wants better cyberoffensive capabilities to use against hostile regimes like Iran.
[Image Source: ISNA]

The plan to dramatically expand the three-year old unit -- at a time when the military as a whole is undergoing sweeping budget cuts -- is a sign of cyberwarfare's growing role in modern warfare.

William J. Lynn III, a former deputy defense secretary, tells The Washington Post that the plan is long overdue, commenting, "Given the malicious actors that are out there and the development of the technology, in my mind, there’s little doubt that some adversary is going to attempt a significant cyberattack on the United States at some point. The only question is whether we’re going to take the necessary steps like this one to deflect the impact of the attack in advance or . . . read about the steps we should have taken in some post-attack commission report."

II. Big Challenges Ahead

Currently, the DOD relies heavily on the National Security Agency (NSA) for its cyberwarfare needs. Indeed, Cyber Command's main physical presence is located directly beside the main NSA building in Fort Meade, Maryland. But the NSA's official role is limited to foreign intelligence gather; outside of electronic intelligence it's ill suited to provide necessary cyberoffensive or defensive capabilities.

The question, going ahead, though is how to merge the NSA's existing support role with the expanding role of the Cyber Command unit.

Some argue that when Cyber Command is expanded "you sever that" relationship with the NSA. But others say the NSA will continue to complement the bigger, more independent unit without issue. Comments one source, "That’s been the plan all along. Take the talent resident in NSA, turn it into [cyber] attack talent."

Another key unanswered question is where the Pentagon will be able to get enough qualified hackers to join its ranks. Funding will obviously play a key role, but one problem is simply availability; skilled security experts are a relatively rarity and many have misgivings about working for "the man" (aka the U.S. Military).

Comments one Navy source, "You get the resource guys sucking a lot of air through their teeth because they know their service chiefs have backed it. So they have to find the resources to pay for the people."

Many hackers frown on working for the Pentagon, but given sufficient money they might change their tune. [Image Source: Reuters]

Figuring out those challenges will be a big part of Keith B. Alexander's job. Director Alexander, who jointly serves as director of the NSA and chief of the Cyber Command.

Director Alexander is expected to retire or move to another agency in summer 2014, but until then he will be pushing strong to gain the ability for Cyber Command to have its own independent budget, something other major military branches have. Such authority would have to be granted by Congress.

In the meantime his agencies will continue to ponder how to recruit talent, how to differentiate their respective roles, and how to counterattack foreign cyberagressors with their small, but growing staff of government hackers.

Make it illegal for any government employee to use any government computer for anything other than official business.No casual web-surfing, no visiting torrent sites, no checking your personal email. We're not paying these people's wages so they goof off on their computers.

At my old workplace which had DoD contracts, our DoD-supplied rigs didn't have access to the internet, only LAN access. No USB/Firewire/SD ports. Either this isn't the norm elsewhere or they haven't had a visit from an auditor lately.

Personal email is sometimes an invaluable tool for maintaining a continuity link between changing email addresses due to being moved around a lot. Even the new email migration has not solved that for email in forward locations.

Being able to access personal email has allowed me to keep/retain soft-copies of many important documents that can then be forwarded to my new work email. And it gets worse when you have three work emails, none of which communicate directly. I won't even bring up the pains of budget cuts eliminating document scanners from the office.

There in lies the problem. What you are doing is probably not causing your previous employer any harm, but believe it or not you may be breaking the law. Most companies own any and all work you do under their employ, therefore you forwarding a document (no matter how trivial) outside of the organization is usually considered a breach. It doesn't matter if it was your original code, or thought, if it was on their dime then it is their property not yours to use at your next job.

Back to the topic at hand your example poses a HUGE security risk if DOD employees are forwarding any work related documents to a non DOD account. Essentially your example only proves the OP's point, absolutely nothing not job related should be done on government owned machines.

Gov employees would be fired the sec they went to one of those sites you mentioned. I'm not sure how congress is or was getting around it but I guess they don't have the same check and balances the rest of the gov has.

If you're on a computer with access to military/national security information, the odds are its already locked down pretty far. I worked in mere state-level law enforcement for a year and the regular office computers (which did not store large databases of sensitive info) could only visit a few thousand white listed sites.

Think about the consequences though if you want to make it illegal for ANY government employee to use ANY government computer for ANYTHING other than official business.

Do you ever use your work computer to surf the internet for non-work reasons? Is your employer paying you to do that? What's the difference if its the government instead of a private business?

If you tell government employees they can't check their personal e-mail or surf the web on their lunch breaks or browse a news site every now and then while on the job (like every other office worker does) you'll end up with a lot disgruntled people. The ones with competitive talent and skills will leave government and go (back) to the private sector. The people without sufficient talent or skills will stay behind and suck harder at their jobs because they will be surly and won't have any talented co-workers pushing the bar up.

People want to restrict government workers in all kinds of ways, mostly by paying them crap wages. And then people wonder why the folks that work these jobs aren't smart, responsive or empathetic.

quote: People want to restrict government workers in all kinds of ways, mostly by paying them crap wages

Have you ever seen government compensation packages. Even the lowest level clerk has a far superior total compensation package than the private market would bear for the same work.

As far as the disgruntled employee goes. That whole paragraph pretty much sums up what is wrong with this country, and why we aren't competitive. The asinine entitled attitude of the US worker. You have no right to internet access at work!!! Do what your told, get off your ass, and quit sucking your company dry with laziness and maybe they won't move it to China. Seriously if you can't surf the web at work, you'd quit...pathetic. Guarantee you wouldn't if you didn't have a nice unemployment check coming, cut all the social welfare safety nets and get back to actually be productive America /rant

FYI..NO I am not at work right now. I'm off today. And yes, I've been guilty of abusing the internet for personal gain at work, but I'm not foolish enough to think there is some sort of defense for such blatant theft of company time.

The amusing thing is that almost everyone wants something for nothing. No one is really immune from this. If I could get away with working 1 hour per day and getting paid the full amount, then I'd give it a shot. Stop blaming others and just accept that we would love to have little accountability so that we can get away with doing whatever we want. You're human just like the rest of us!

"Paying an extra $500 for a computer in this environment -- same piece of hardware -- paying $500 more to get a logo on it? I think that's a more challenging proposition for the average person than it used to be." -- Steve Ballmer